General

  • Target

    1132-66-0x0000000000400000-0x0000000000560000-memory.dmp

  • Size

    1.4MB

  • MD5

    b312e9b6ba612a18da6d0274496838e3

  • SHA1

    290a2aa3c83a01283442088b29183d29b4080f1b

  • SHA256

    8547c57795ba9d8e4f312086597bc7c4be89efaf354eecfb11f9de8ab8f3a393

  • SHA512

    e28e0a8e8054e16f447f84784952d305692251aeedb31db4c5f89e7fbb32fcff2453bd66d75d3cd67b32450aab9ec459c2b8d4f3eb54300bb45a0b1155fb9138

  • SSDEEP

    3072:ck4aHUBOO36YplMqBB3ZcPxlG+bBsDHXYzHG9122ifM:cdx3wqz3ZcDeD3Yzm913p

Score
10/10

Malware Config

Signatures

  • Warzone RAT payload (1 IoC)
  • Warzonerat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1132-66-0x0000000000400000-0x0000000000560000-memory.dmp
    .exe windows x86

